Log in

View Full Version : 2 +Tsehp about Revirgin


rot8
February 19th, 2001, 03:22
First of all: THANK YOU for your great tool !

Now, some else:
1.I load my W98 (it is clean, just installed,w/o any Shedulers etc.).
2.Load my target.
3.Press Resolver.
4.Press Resolve Again.
IT is virgin (almoust
OK, again:
1.I REBOOT my W98.
2.Load my target.
3.Press Resolver.
4.Press Resolve Again.
Import Table is ...hmm... half-virginated

Any suggestinos ?

And else, could you make small button, which named "Make Ordinals clean".
Import Table will be MORE virgin

Regards, rot8.

+SplAj
February 19th, 2001, 05:29
Hi Rot8

Tsehp won't mind me answering this one

A quick question.........did you try the 'tracer' function on those missing API's ?????

SplAj

rot8
February 20th, 2001, 05:16
Hi +SplAj !

Not concerning tracer...
The problem is that Revirgin works 2 times in the SAME environment (clean W98 without ANY ....hmm..resident programs with the only target loaded) and put out DIFFERENT results !!!
How Can It Be ?

Now about tracer:
It does not work at all
It freezes W98 until "three fingers combination"

+SplAj
February 20th, 2001, 05:44
Hi Rot8

Ok, you have a problem :-( Revirgin is still very much in Beta test form right now. +Tsehp did great work to get his program to function on Win98 and 98 SE. It works great on ASprotect. His primary 'target' :P , but there are other redirections that it ,currently , has a problem with. He is working very hard on this

However the API's should be the same , every run, except possibly for those that have a 'memory match' with other DLL API's - If you have the IAT correctly located

Tell us your target and uplink the two API.txt files from Revirgin that show the differences. Maybe we can help further , maybe not.

SplAj

Kilby!
February 20th, 2001, 05:49
Revirgin works really well on Copylok protected files.

I didn't have to use trace at all.

Kilby...

rot8
February 21st, 2001, 02:54
Quote:
+SplAj (02-19-2001 18:44):
Hi Rot8

However the API's should be the same , every run, except possibly for those that have a 'memory match' with other DLL API's - If you have the IAT correctly located

Tell us your target and uplink the two API.txt files from Revirgin that show the differences. Maybe we can help further , maybe not.

SplAj

OK. I give up. Think, it is some mystic =)

Target is Tag & Rename v1.8 at http://www.softpointer.com
It is unpacked and defeated.
Crack is released.
So I do not need any help =)

Thanks.

rot8.

+SplAj
February 21st, 2001, 10:12
Hi Rot8

congrats on your success. I just DL the target and it is dis-protected by the new ASProtect1.2
being built 5th Feb 2001

My findings :-

OEiP 537058
IAT 13C1B8 len 828
make new section at 1E7000 len 3000

Only problem API was GetProcAddress ( as usual !) I restarted Win and did it 2nd time. Same results !!!

A bit of a tweek and voila.

I'll try again tonite on my home PC.

SplAj

tsehp
February 23rd, 2001, 15:40
Hey what's the problem with revirgin ?
ah ! it's solved, ok nice, so bye

If there's more asprotect problems in the future, and only for asprotect : write me directly, I will not anymore give info about asprotect on this mb.
Why ? because alexey didn't want to give my $500 for me to explain him how revirgin works and he's doing some naughty tests to see if revirgin is defeated

regards,

+Tsehp

BlackB
February 25th, 2001, 16:54
Hehehe, what did I say about the Asprotect discussion some months ago? Yes, to keep it private......everyone was against my opinion then......what a sudden change of thought :P

Well you know.....the cat-and-mouse game between cracker/protector is fun and cool, but NEVER forget that if protections get reversed and patches are released, this may bring financial damage to the protector....thus.....I'm not surprised that Alexey 's doing this naughty trick. Well anyway, he has the right to do so.....I think he looses more money then we do

Last thing I'd like to say: always be careful with so-called reverser/software author friendship. If I was a software author I'd try to infiltrate the reverser/cracking scene and set them up....yes I'm evil too. Luckely, i'm a cracker and not a software author *grin*

greetz

BlackB